OpenIDConnect playground algorithm issue

reece1 · October 9, 2024, 6:31am

The header in the Id_token that openidconnect.net produces says that the algorithm is HS256

{
  "alg": "HS256",
  "typ": "JWT"
}

However the JWKS doesn’t have HS256

So I can’t validate the signature, any idea if I’m doing something wrong or is this tool borked?

Thanks

rueben.tiow · October 9, 2024, 5:46pm

I recommend going to your Application settings > Advanced Settings > OAuth and setting the JSON Web Token (JWT) Signature Algorithm option to RS256.

That should generate RS256 JWT tokens.

Let me know if you have any further questions.

Thanks,
Rueben

Topic		Replies	Views
Expected the ID token to be signed with HS256 JWT.io jwt	1	4449	October 9, 2021
Still get RS256 token JWT.io	3	2671	April 22, 2022
Express-openid-connect: unexpected JWT alg received, expected HS256, got: RS256 Get Help	5	4144	August 12, 2022
Authorization API signs JWTs as RS256 when HS256 is selected Get Help token , rs256 , hs256 , algorithm	7	11829	March 2, 2018
Getting RS512 error when using openid connect Get Help	8	3777	September 15, 2021